Exploits and Defenses for a Web 2.0 World
The World Wide Web is a dangerous place. As companies and government agencies have become more competent at traditional vulnerability management, politically and financially motivated attackers have refocused their efforts on softer targets such as web applications and end-user web browsers. These attacks are surprisingly simple, yet have potentially devastating impact. This presentation will focus on an emerging class of attacks which target end users rather than web applications directly. We will present clear, concise explanations of cross site scripting and man in the middle attacks, and show how they can be used to perform client-side exploitation. We will then discuss practical, vendor-neutral defenses against these attacks. CISO's and Infosec managers interested in evolving their security programs to meet the challenge posed by these new threats will find this session engaging and informative. OWASP is a non-profit organization dedicated to improving software security. As such, this presentation will be completely free of vendor bias. For more information please visit http://www.owasp.org Speaker: David W. Campbell David is a veteran security consultant who has been involved in OWASP since 2004 and has been leading the Denver chapter since 2007.
- Presenting
- David W. Campbell; Leader; OWASP
- Channel
- Information Security
- Date
- Aug 13 2009
- Duration
- 1880
- Tags
- david campbell, OWASP, data and privacy
Flash is required to view this webcast/channel:
You need version 9.0.115.0 or later of the free Flash player from Adobe
to use this content.
To download and install the free player from Adobe's web site
click here.
